URL: <https://savannah.gnu.org/bugs/?55511>
Summary: Prevent Panic causing Panic, and children removing sockets Project: GNU Screen Submitted by: sshambar Submitted on: Fri 18 Jan 2019 06:41:51 PM UTC Category: Program Logic Severity: 3 - Normal Priority: 5 - Normal Status: None Privacy: Public Assigned to: None Open/Closed: Open Discussion Lock: Any Release: 4.6.2 Fixed Release: None Planned Release: None Work Required: None _______________________________________________________ Details: While tracking down another screen bug, I noticed that I wasn't getting Panic messages from child processes, and my screen socket kept disappearing. This is all related to suid root screen (tested on OSX, but probably applies to other suid ports). The problem is that in several places forked child processes call setuid, but don't set eff_uid to the new uid. Any child Panic will call SendErrorMsg, which will create a child socket, which calls xseteuid(eff_uid=0) after the socket is created -- and that leads to another Panic. This prevented the error from being sent. In addition, since ServerSocket is still valid, when the child Panic calls eexit(), it removes the socket file. I've created a patch that fixes both of these bugs (and fixes a leaked file descriptor or fork fails, which probably doesn't happen often :) Patch is attached. _______________________________________________________ File Attachments: ------------------------------------------------------- Date: Fri 18 Jan 2019 06:41:51 PM UTC Name: Prevent-Panic-causing-Panic-and-children-removing-sockets.diff Size: 4KiB By: sshambar <http://savannah.gnu.org/bugs/download.php?file_id=46014> _______________________________________________________ Reply to this item at: <https://savannah.gnu.org/bugs/?55511> _______________________________________________ Message sent via Savannah https://savannah.gnu.org/